Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSUI6KLN2yQ2KhbFrwCEXI1fNpY.roa
File: CSUI6KLN2yQ2KhbFrwCEXI1fNpY.roa (raw, json)
Hash identifier: vbrx0Wtk/ZGkyhJAFQmV0Ul0iMFdGYM3GLKCaGb3zg8=
Subject key identifier: 09:25:08:E8:A2:CD:DB:24:36:2A:16:C5:AF:00:84:5C:8D:5F:36:96
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185DDB5313782A6A3E8D15BF459F0D558EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSUI6KLN2yQ2KhbFrwCEXI1fNpY.roa
Signing time: Mon 23 Jan 2023 08:18:37 +0000
ROA not before: Mon 23 Jan 2023 08:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.255.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:b5:31:37:82:a6:a3:e8:d1:5b:f4:59:f0:d5:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 23 08:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=092508e8a2cddb24362a16c5af00845c8d5f3696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fb:91:25:ee:87:8c:42:2e:cb:1c:1b:c0:06:
91:d1:f1:d2:5b:5e:37:a7:c2:a4:35:8f:b7:47:65:
e3:66:0b:2f:0a:cd:7d:ff:4d:b5:5c:5e:5c:ea:c5:
3b:e1:cb:a1:82:83:37:c8:a0:7e:22:b3:cf:22:16:
e5:22:28:db:06:b1:9e:f5:60:bd:69:46:e7:2d:7c:
08:91:49:c6:60:a0:3d:98:ba:8d:82:4b:cf:63:29:
8f:8f:47:93:55:f3:8b:7e:59:1a:61:18:d3:07:8f:
c6:7f:d7:41:94:8f:f8:df:07:b0:dd:a7:d3:c1:e5:
f7:25:68:85:c5:fd:05:a3:a8:18:77:97:62:22:53:
e2:8e:c9:0c:0b:82:26:44:15:79:d2:c7:ff:7a:a3:
d7:3c:67:c2:c5:96:bc:29:1d:94:38:e3:9e:a5:f6:
89:2e:d5:75:1d:4a:08:23:2d:f6:df:bd:5f:21:ec:
14:71:4f:84:3b:2d:f6:64:73:b6:31:fa:a3:d8:c9:
67:da:78:32:52:a0:ba:6b:72:e8:6a:cc:79:77:71:
3c:6a:29:a4:74:68:f1:04:56:6e:cc:3d:89:56:af:
7b:ed:33:01:62:7b:69:cf:4e:57:e9:93:20:2b:b6:
43:88:1f:64:1a:6d:ea:18:88:9d:c6:7b:c6:7b:80:
bb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:25:08:E8:A2:CD:DB:24:36:2A:16:C5:AF:00:84:5C:8D:5F:36:96
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CSUI6KLN2yQ2KhbFrwCEXI1fNpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.94.0/24
194.58.61.0/24
194.58.154.0/24
194.87.180.0/24
194.87.191.0/24
194.87.255.0/24
212.193.5.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
00:cc:54:9d:db:fc:64:83:3d:f8:8d:ca:98:92:77:b0:75:7f:
77:9d:13:08:11:24:02:11:6c:9b:c9:e0:26:16:a9:d4:15:9f:
06:50:d6:24:2f:b2:70:d6:52:7f:68:17:b2:d7:28:ad:d4:15:
ce:d4:bd:18:93:e5:90:cb:6a:f4:1f:35:53:67:d8:a6:40:39:
21:c8:ea:e5:f1:26:e7:21:0a:25:8f:f7:c3:d1:1b:24:24:18:
48:ed:84:6e:ee:c7:17:27:f2:b9:f3:ec:3a:09:11:d1:a7:84:
e7:9e:e5:51:1f:71:50:d3:f3:b4:3a:0e:e5:d7:ed:39:4b:6c:
43:f5:30:27:e1:e0:39:b9:53:4e:28:71:53:c4:61:2c:14:97:
b8:1a:dd:ff:6a:6a:e0:d5:52:58:a7:8a:2f:93:76:48:e6:42:
f9:7a:0d:7f:82:54:a0:17:b6:dd:21:69:ac:4e:aa:60:a9:57:
a2:fc:01:bc:06:58:f9:b1:bd:20:e2:c4:24:a1:8c:4f:21:0b:
20:6a:7e:03:23:15:9a:53:f4:a7:de:ee:0e:7c:50:47:70:35:
8a:01:cc:42:fe:24:4c:98:ff:40:aa:54:6b:11:42:50:89:9a:
e2:65:ea:c6:f2:0d:a0:97:5d:fc:c5:94:d5:92:0a:98:fa:8a:
48:7c:21:8a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYXdtTE3gqaj6NFb9Fnw1VjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTIzMDgxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI1MDhlOGEyY2RkYjI0MzYyYTE2YzVhZjAwODQ1YzhkNWYzNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvuRJe6HjEIuyxwbwAaR0fHSW143
p8KkNY+3R2XjZgsvCs19/021XF5c6sU74cuhgoM3yKB+IrPPIhblIijbBrGe9WC9
aUbnLXwIkUnGYKA9mLqNgkvPYymPj0eTVfOLflkaYRjTB4/Gf9dBlI/43wew3afT
weX3JWiFxf0Fo6gYd5diIlPijskMC4ImRBV50sf/eqPXPGfCxZa8KR2UOOOepfaJ
LtV1HUoIIy32371fIewUcU+EOy32ZHO2Mfqj2Mln2ngyUqC6a3Loasx5d3E8aimk
dGjxBFZuzD2JVq977TMBYntpz05X6ZMgK7ZDiB9kGm3qGIidxnvGe4C7ZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAklCOiizdskNioWxa8AhFyNXzaWMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ1NVSTZLTE4yeVEyS2hiRnJ3Q0VYSTFmTnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXxeAwQA
wjo9AwQAwjqaAwQAwle0AwQAwle/AwQAwlf/AwQA1MEFAwQA1MEJMA0GCSqGSIb3
DQEBCwUAA4IBAQAAzFSd2/xkgz34jcqYknewdX93nRMIESQCEWybyeAmFqnUFZ8G
UNYkL7Jw1lJ/aBey1yit1BXO1L0Yk+WQy2r0HzVTZ9imQDkhyOrl8SbnIQolj/fD
0RskJBhI7YRu7scXJ/K58+w6CRHRp4TnnuVRH3FQ0/O0Og7l1+05S2xD9TAn4eA5
uVNOKHFTxGEsFJe4Gt3/amrg1VJYp4ovk3ZI5kL5eg1/glSgF7bdIWmsTqpgqVei
/AG8Blj5sb0g4sQkoYxPIQsgan4DIxWaU/Sn3u4OfFBHcDWKAcxC/iRMmP9AqlRr
EUJQiZriZerG8g2gl138xZTVkgqY+opIfCGK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org